SECURITY_CH1

  1. Elements of use case
    • actors
    • precondition
    • Trigger
    • Postcondition
    • Normal Flow
    • Alternate Flow
  2. Confidentiality
    • Prevents the unauthorized disclosure of data
    • only authorized personnel can access
  3. Identification
    users claim an identity with a unique username
  4. Authentication
    users prove their identity with a password
  5. Authorization
    • grant or restrict access
    • for example permissions
  6. Steganography
    • helps confidentiality
    • hides data within a file
  7. What is the best way to protect the confidentiality of data?
    encrypting
  8. access controls
    these restrict access, which helps with confidentiality
  9. Integrity
    data has not been changed
  10. hashing helps with
    data integrity
  11. What is hashing?
    a numeric value created by executing an algorithm against a message or file
  12. Digital signature provides
    • authentication and integrity usually with emails and files
    • non-repudiation: cannot deny it
  13. Digital signatures require what two things?
    • Use of certificates 
    • Public Key Infrastructure
  14. Disk redundancies
    • RAID 1, RAID 5
    • allow a system to continue to operate even if a disk fails
  15. Server Redundancies
    failover clusters include redundant servers and ensure a service will continue even if a server fails
  16. What does Load balancing do?
    • uses multiple servers to support a website
    • it can increase the availability of websites and web-based applications
  17. Site Redundancies
    if a site can no longer function, it can be moved to an alternate site
  18. What is the goal of fault tolerance and redundancy?
    • eliminate SPOF
    • single points of failure
  19. Alternate power
    backup power generator
  20. Cooling systems
    keep systems from overheating
  21. What is a threat?
    anything that has the possibility to compromise confidentiality, integrity, or availability
  22. Most security controls are what kind?
    technical, administrative, and physical
  23. Encryption, antivirus, IDSs, IPSs, firewalls are all what types of controls?
    Technical
  24. Motion detectors and fire suppression systems are examples of what type of controls?
    Technical physical security/environment controls
  25. Administrative controls
    Methods mandated by organizational policies or other guidelines
  26. Risk assessment, vulnerability assessment, and penetration tests are all examples of what type of controls?
    Administrative controls
  27. Risk Assessments
    • Help quantify and qualify risks within an organization.
    • helps to prioritize which risks are most important
  28. Vulnerability Assessments
    tries to discover current vulnerabilities or weaknesses
  29. Penetration tests
    Try to exploit vulnerabilities
  30. Awareness training
    • Administrative controls
    • training to maintain password security 
    • clean desk policy
    • understand phishing and malware
  31. Configuration management
    uses baselines to ensure that systems start in a secure, hardened state
  32. Change Management
    helps ensure that changes don't result in unintended configuration errors
  33. Contingency planning
    helps an organization plan and prepare for potential system outages
  34. Lighting, signs, fences, security guards are all examples of what type of controls?
    Physical
  35. hardening, Security awareness and training, Security guards, Change management, Account Disablement Policy are all examples of what types of controls?
    Preventive Controls
  36. Hardening
    • Makes a system more secure than the basic configuration
    • Disabling unnecessary ports and services
    • implementing secure protocols, using strong passwords along with a robust password policy, disabling unnecessary accounts
    • (preventive)
  37. Change management
    • admins submit changes to change management, which makes sure that the system does not experience any outages
    • (preventive)
  38. Account Disablement policy
    • When an employee leaves, disable the account
    • (preventive)
  39. Log monitoring, Trend Analysis, Security audit, Video Surveillance, and motion detection are all examples of what type of controls?
    Detective
  40. Log monitoring
    monitor logs to detect incidents
  41. Trend Analysis
    by analyzing past alerts, you can identify trends to see whether attackers are trying to attack a specific system
  42. Security Audit
    • Examine the security posture of an organization
    • can also detect if users have more rights than they should
  43. IPS and Backups and system recovery are what types of control?
    Corrective controls
  44. IPS
    • Intrusion Prevention system
    • detects attacks and modifies the environment so that the attack cannot continue
    • (corrective)
  45. Cable locks and Hardware locks are what type of controls?
    Deterrent
  46. Controls used for now while something else is being developed
    Compensating controls
  47. virtualization
    • allows you to host one or more virtual systems, or VMs, on a single physical system
    • helps reduce costs when a company has a lot of unused servers
    • also provides a high level of flexibility when testing security controls, updates, and patches because they can easily be reverted using snapshots
  48. Type 1 hypervisor
    run directly on bare-metal systems without an operating system
  49. Type 2 hypervisor
    software that runs within an operating system
  50. Container virtualization
    runs within isolated cells or containers and does not have its own kernel
  51. Snapshot
    provides a copy of a VM at a moment in time for a backup
  52. VDI/VDE
    • Virtualized desktop infrastructure
    • for computers with limited hardware resources
  53. Persistent
    virtual desktop where each user has a custom desktop
  54. Non-persistent
    virtual desktop that reverts to a known state after use
  55. VM escape, VM Sprawl, and Loss of confidentiality are all examples of
    Risks associated with virtualization
  56. VM escape
    • attack that allows an attacker to access the host system from within the virtual system
    • attacker runs code on the virtual system and interacts with the hypervisor
  57. VM Sprawl
    • organization has many VMs that aren't managed properly
    • for example leaving a VM running
  58. ping
    • basic command used to test connectivity for remote systems
    • used to verify that a system can resolve valid host names, test the NIC, and check the security posture of a network
  59. Windows systems use ipconfig
    Linux systems use ifconfig
    you can enable promiscuous mode on a NIC with ifconfig
    ip is similar to ifconfig and can be used to view and manipulate NIC settings
  60. netstat
    • network statistics
    • allows you to view statistics for TCP/IP protocols on a system
  61. tracert
    lists the routers between two systems
  62. arp
    • command-line tool that is related to the Address Resolution Protocol
    • you can use this to view and manipulate the ARP cache
Author
jo73
ID
338141